<?php
if($_SESSION[Logged_In] == false)
{
//check if username got anything else than a-z0-9 and _ or is bigger than 16
//returns true if there is anything else other than a-z 
function checkusername($Account) 
{
	if(preg_match('/^[a-zA-Z0-9_]{3,16}$/', $_POST['Register_Username'])) 
	{
		return true;
	}
return false;
}


if(!captcha_check($_POST['captcha']) && !empty($_POST['captcha'])){
					die("Captcha is wrong");
}



		echo "<form method=post>";
		echo "Username:";
		echo "<br>";
		echo "<input name=Register_Username maxlength=60>";
		echo "<br>";
		echo "Password:";
		echo "<br>";
		echo "<input type=password name=Register_Password maxlength=30>";
		echo "<br>";
		captcha();
		echo "<br>";
		echo "<input type=submit name=submit value=Register>";
		echo "</form>";

		
		if(isset($_POST["Register_Username"]) && isset($_POST["Register_Password"]))
		{
			//checks if everything is filled in
			if (!$_POST['Register_Username'] | !$_POST['Register_Password']) 
			{
				echo('fill everything please');
			}
			else
			{
				//escape from New York
				$Account = mysql_real_escape_string($_POST["Register_Username"]);
				$Password = mysql_real_escape_string(SHA1($_POST["Register_Password"]));
		
				//check if username exist
				$Query = mysql_query("SELECT * FROM `accounts` WHERE username='$Account'") or die(mysql_error());
				$Username_Exist = mysql_num_rows($Query);
				if($Username_Exist > 0)
				{
					echo "Username does already exist";
					unset($Account);
					exit();
				}
				if(checkusername($Account) == false)
				{
					echo "a-z A-Z 0-9 _ only";
					unset($Account);
					exit();
				}
				else
				{
					$query = "INSERT INTO `accounts` VALUES(NULL, '$Account', '$Password')";
					mysql_query($query) or die(mysql_error());
					echo "Account created<br>";
					//redirect
				}
			}
		}
	}
	else
	{
		echo "<br>redirecting<br>";
		//redirect
	}
?>